It was discovered that the ALSA /proc interface did not write the
correct number of bytes when reporting memory allocations. A local
attacker might be able to access sensitive kernel memory, leading to
a loss of privacy. (CVE-2007-4571)